From owner-freebsd-questions@FreeBSD.ORG  Tue May 30 16:43:56 2006
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@freebsd.org
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 4FECD16A758
	for <freebsd-questions@freebsd.org>;
	Tue, 30 May 2006 16:43:56 +0000 (UTC)
	(envelope-from toni@stderror.at)
Received: from murus.stderror.at (stdin.stderror.at [83.65.196.90])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 6C20E43D76
	for <freebsd-questions@freebsd.org>;
	Tue, 30 May 2006 16:43:54 +0000 (GMT)
	(envelope-from toni@stderror.at)
Received: from murus.stderror.at (unknown [127.0.0.1])
	by murus.stderror.at (Postfix) with ESMTP id C9EDF5C5C
	for <freebsd-questions@freebsd.org>;
	Tue, 30 May 2006 18:45:37 +0200 (CEST)
Date: Tue, 30 May 2006 18:45:37 +0200
Message-ID: <86u07731hq.wl%toni@stderror.at>
From: Toni Schmidbauer <toni@stderror.at>
To: FreeBSD Questions <freebsd-questions@freebsd.org>
In-Reply-To: <447C6CF9.4070201@mykitchentable.net>
References: <447C6CF9.4070201@mykitchentable.net>
User-Agent: Wanderlust/2.14.0 (Africa) SEMI/1.14.6 (Maruoka) FLIM/1.14.8
	(=?UTF-8?B?U2hpavI=?=) APEL/10.6 Emacs/21.3 (i386--freebsd) MULE/5.0
	(SAKAKI)
MIME-Version: 1.0 (generated by SEMI 1.14.6 - "Maruoka")
Content-Type: text/plain; charset=US-ASCII
Subject: Re: ipfw Kernel Module - Default to Accept?
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 30 May 2006 16:44:01 -0000

At Tue, 30 May 2006 09:04:09 -0700,
Drew Tomlinson wrote:
> I'm using FBSD 6.1.  When using the ipfw kernel module, is it possible
> to get ipfw loaded in a "default to accept" mode?  I've seen the
> kernel option to enable this when compiling statically but nothing
> specific to the kernel module.  Maybe there's a way to compile the
> kernel module with some entry in /etc/make.conf?  I've Googled but
> have not been able to turn up anything.

you can recompile the module, uncomment the line 

#CFLAGS+= -DIPFIREWALL_DEFAULT_TO_ACCEPT

in /usr/src/sys/modules/ipfw/Makefile. next call make in the same
directory and copy the compiled module to /boot/kernel. i've done that
in the past, works like a charm.

hth,
toni